Unrated severityNVD Advisory· Published Jun 2, 2022· Updated Aug 3, 2024
CVE-2022-26944
CVE-2022-26944
Description
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4(expand)+ 1 more
- (no CPE)
- (no CPE)range: =2.4.20
- osv-coords2 versions
>= 2.4.20, <= 2.4.20+ 1 more
- (no CPE)range: >= 2.4.20, <= 2.4.20
- (no CPE)range: >= 2.4.20, <= 2.4.20
Patches
Vulnerability mechanics
References
2- docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.htmlmitrex_refsource_MISC
- jira.percona.com/browse/PXB-2722mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.